0

C# – Active Directory changes synchronization with cookie

c-shIn recent post we have discussed how to track Active Directory changes effeciently with PowerShell .

Now the same thing we can achieve with C#. And if you would wonder why C# since we have had it already in PowerShell ? Well maybe you would be writing a form of REST API for your enterprise ? Or writing application for personnel who is not fluent with scripting ( the ppl that do use GUI 🙂  )

Neverless this is going to be nice and easy. I will not be using screenshoots of Visual Studio in this post but just providing you with the information needed.

 

The architecture and design is totally up to you 🙂 I will introduce you to basics needed to put the bits and pieces together. To hold information which we receive it would be best to create a class with properties we will be interested in and hold that in a list.

public class adresult
{
   string objName {get;set;}
   string objDN   {get;set;}
   ...
   string objXYZ  {get;set;} # Whatever else properties you would be interested in 
}

 

That was easy 🙂 Now let’s get to write our application. I focus here on console application but you can you whatever else type suitable for you.

Let’s prepare LDAP connections :

                string ldapSrv = "LDAP://<LDAP-path>";
                string ldapFilter = "(objectClass=user)";

                // File to store our cookie
                string ldapCookie = @"c:\adsync-cookie.dat";

                // set up search
                DirectoryEntry dir = new DirectoryEntry(ldapSrv);
                DirectorySearcher searcher = new DirectorySearcher(dir);

                searcher.Filter = ldapFilter;
                searcher.PropertiesToLoad.Add("name");
                searcher.PropertiesToLoad.Add("distinguishedName");
                searcher.SearchScope = SearchScope.Subtree;
                searcher.ExtendedDN = ExtendedDN.Standard;

 

Next is the interesting – which is synchronization object

// create directory synchronization object
DirectorySynchronization sync = new DirectorySynchronization();

// check whether a cookie file exists and if so, set the dirsync to use it
if (File.Exists(ldapCookie))
   {
      byte[] byteCookie = File.ReadAllBytes(ldapCookie);
      sync.ResetDirectorySynchronizationCookie(byteCookie);
   }

 

Lastly is combining of what we have prepared and executing search

// Assign previously created object to searcher 
searcher.DirectorySynchronization = sync;

// Create group of our objects
List<adresult> ADresults = new List<adresult>();

foreach (SearchResult result in searcher.FindAll())
  {
      adresult objAdresult = new adresult();
      objAdresult.Objname  = (string)result.Properties["name"][0];
      
      string[] sExtendedDn = ((string)result.Properties["distinguishedName"][0]).Split(new Char[] { ';' });
      objAdresult.objDN    = sExtendedDn[2];

      ADresults.Add(objAdresult);
   }

// write new cookie value to file
File.WriteAllBytes(ldapCookie, sync.GetDirectorySynchronizationCookie());

// Return results 
return ADresults;

 

This concludes this short post. I hope you would be able to use it for your complex Active Directory scenarios.

 

 

0

Docker Owncloud container with LDAP support

Since we already talked about using Azure Files for storage and for docker why not make your own storage use of it – something like ‘Dropbox’ :)

Product I’m referring here is called owncloud and I wont be spending time to tell you what PRO/CONs you have. In my case I wanted to use it to share files with friends and family so I decided to set up own container.

Choosen for Docker and there was a suprise :)  When using the default image there was no LDAP support. So I have just added it to a docker file and created a gist of it.

 

 


 

 

 

 

0

Ansible – ‘DEFAULT_DOCKER_API_VERSION’ is not defined

Working on daily basis with DevOps causes you to automate a lot of work. Now one of recent orchestration tools by me is Ansible. I’m not saying THIS IS THE TOOL to go :) but it for sure have a lot of potential.

So I decided to use it to deploy services also leveraging docker … but then I received error message :

 

NameError: global name ‘DEFAULT_DOCKER_API_VERSION’ is not defined

  - name: install the required packages
    apt: name=python-pip state=present update_cache=yes
  - name: Install docker-py as a workaround for Ansible issue
    pip: name=docker-py version=1.2.3